<?
include ('../sessions.php');
include('../variables.php');

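// Bootstrap for the payment-return script: open the database handle, resolve
// the session id and the requested action, and record a numeric error code
// ("1" = no DB handle, "2" = missing/unknown session id, "3" = session lookup
// failed) for the error branch further down.
//
// NOTE(review): $s, $ss, $action and $error are read here without being
// assigned anywhere in this file. Presumably they come from the included
// files or from request variables registered as globals; confirm which. If
// they are request-registered, the caller chooses $action and can pre-set
// $error, so initialise them explicitly before trusting them.
$save_type='MySQL';
$webDIR = "members";

$dbh = get_master_connect();

if (!$dbh) {
	$error = "1";
}
// Fall back to the invoice number posted back by the gateway when no session
// id was supplied directly. The key is quoted so it cannot be resolved as a
// constant (the bare form only worked through the undefined-constant fallback).
if($s == "" || !$s){
	$s = validate($HTTP_POST_VARS['x_invoice_num']);
}
if ($s == "" || !session_exist($s)) {
	$error = "2";
}
$sid = $s;

// $ss, when present, overrides the action; the default action is 2
// (the gateway's payment confirmation).
if ($ss) $action = $ss;
if (!$action) $action = 2;


// session_exist() is evaluated a second time here; a failed lookup overwrites
// any earlier code with "3".
if (session_exist($sid)) {
	session_start_();
}
else {
	$error = "3";
}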
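// Error branch: mail a diagnostic dump of $_SERVER to support, show a generic
// message to the visitor and stop.
//
// Changes from the previous version:
//  - the script now terminates here; before, execution fell through to the
//    payment handler below even though an error code had been set;
//  - every $_SERVER key/value is HTML-escaped, because the dump is sent as
//    text/html and holds request-controlled values (query string, user agent,
//    referer, ...);
//  - $list is initialised instead of appended to an unset variable;
//  - each() (removed in PHP 8) is replaced by foreach.
//
// NOTE(review): the dump holds the whole server environment, which can include
// cookies and authorization data; consider mailing a whitelist of fields.
if($error){

	$list = "<table>";
	foreach ($_SERVER as $k => $v) {
		// Some entries (e.g. argv) are arrays; flatten them so they can be escaped.
		if (is_array($v)) {
			$v = implode(" ", $v);
		}
		$list .="<tr><td>".htmlspecialchars((string) $k, ENT_QUOTES)." </td><td> ".htmlspecialchars((string) $v, ENT_QUOTES)."</td></tr>";
	}
	$list .= "</table>";

	// $repto is not assigned in this file (presumably set by an include -- confirm).
	// Line breaks are stripped so its value cannot add extra mail headers.
	$replyTo = str_replace(array("\r", "\n"), "", (string) $repto);
	mail("support@lonex.com","!ERROR during payment!",$list,"From: RESELLERS_BILLING_SYSTEM@lonex.com \nReply-To: $replyTo\nX-Mailer: CBFL Mailer\nMIME-Version: 1.0\nContent-Type: text/html;\n");

	// The codes set in this file are "1".."3"; escaping keeps the page safe
	// should $error ever carry anything else.
	echo "Either you have tried to enter an unauthorized area or there has been an error during the paymet process. Please start the process again.  (".htmlspecialchars((string) $error, ENT_QUOTES).")";

	// exit_now() is the same shutdown call the script ends with.
	exit_now();
}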

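// Payment handler for an authenticated member. Only POST requests do work:
//   action "1" - start a deposit and send the browser to the payment page;
//   action "2" - process the gateway's return POST, verify its MD5 signature
//                and credit the account.
//
// Changes from the previous version:
//  - the signature check uses a strict comparison (see the comment at the check);
//  - array keys and the getenv() argument are quoted instead of relying on the
//    undefined-constant fallback;
//  - a commented-out debug echo that printed the expected digest was dropped.
//
// NOTE(review): $memberAuthenticated, $userName, $baseURL, $billingInfo,
// $min_deposit and $packets_to_buy are not assigned in this file; presumably
// the session restore sets them. Confirm they cannot be supplied by the request.
//
// NOTE(review): every session_save(sid) passes the bare word sid, which PHP
// resolves to the string "sid", not to $sid. Left unchanged because
// session_save() is defined elsewhere; confirm which argument it expects.
if ($memberAuthenticated == "yes") {

	if (getenv('REQUEST_METHOD') == "GET") {
		// GET requests are accepted and intentionally do nothing.
	}
	else if (getenv('REQUEST_METHOD') == "POST") {
		switch($action){
			case "1":
				$params['sid'] = $sid;
				$params['action'] = "";
				$errorURL  = "$baseURL/?".encode_params($params);

				$deposit = validate($HTTP_POST_VARS['deposit']);
				// Only an empty/zero amount is rejected here; the amount is not
				// compared with $min_deposit in this file.
				// NOTE(review): confirm that validate() or start_deposit() enforces
				// the minimum and rejects negative or non-numeric amounts.
				if(!$deposit){
					$errorMsg = "Minimum deposit amount is $min_deposit";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				start_deposit($deposit);
				$url = gotoPay($deposit);
				if($url){
					// NOTE(review): $url is written unescaped into an href attribute and
					// a JavaScript string; this assumes gotoPay() returns a URL without
					// quote characters -- confirm.
					echo "Please wait while loading... <br>";
					echo "Click <a href='$url' target='_parent'> here </a> if the page doesn't load within 10 seconds.";
								echo "	<Script Language='JavaScript'>
										<!-- Regidecrt Script -->
										<!--
											window.parent.navigate('$url');
										-->
										</script>
									";
				}else{
					echo "ERROR : 4";exit();
				}

			break;
			case "2":
				// Fields posted back by the payment gateway.
				$order_number = validate($HTTP_POST_VARS['order_number']);
				$x_first_name = validate($HTTP_POST_VARS['x_first_name']);
				$x_last_name = validate($HTTP_POST_VARS['x_last_name']);
				$x_email = validate($HTTP_POST_VARS['x_email']);
				$x_phone = validate($HTTP_POST_VARS['x_phone']);
				$x_amount = validate($HTTP_POST_VARS['x_amount']);
				$merchant_product_id = validate($HTTP_POST_VARS['merchant_product_id']);
				$x_response_reason_text = validate($HTTP_POST_VARS['x_response_reason_text']);
				$x_2checked = validate($HTTP_POST_VARS['x_2checked']);
				$x_login= validate($HTTP_POST_VARS['x_login']);
				$x_MD5_Hash = validate($HTTP_POST_VARS['x_MD5_Hash']);
				$demo = validate($HTTP_POST_VARS['demo']);

				$params['sid']=$sid;
				$params['action']="billing_error";
				$errorURL="$baseURL/?".encode_params($params);

				// Every failure below stores a numbered message, saves the session and
				// redirects to the billing-error page. Numbers 8 and 12 are unused.
				if(!$x_MD5_Hash){
					$errorMsg = "Error during billing. Please contact the support. - 1";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}

				// Expected signature: upper-case MD5 over
				// secret . x_login . "x_login-order_number" . x_amount.
				$buffer = $billingInfo['secret']."$x_login"."$x_login-$order_number"."$x_amount";

				// Strict comparison on purpose. With != two strings that both look
				// numeric (an all-digit digest, or one in exponent form) are compared
				// as numbers, so two different digests can be treated as equal.
				// Where the runtime provides hash_equals(), prefer it: it also
				// compares in constant time. Never echo the expected digest.
				if(strtoupper(md5($buffer)) !== (string) $x_MD5_Hash){
					$errorMsg = "Error during billing. Please contact the support. - 2";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				// Demo (test-mode) notifications must never credit an account.
				if($demo && $demo =="Y"){
					$errorMsg = "Error during billing. Please contact the support. - 3";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}

				// TODO (translated from the original note): this must check that
				// x_login is OUR merchant login; at the moment it only has to be
				// non-empty.
				if(!$x_login){
					$errorMsg = "Error during billing. Please contact the support. - 4";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				if($x_2checked != "Y"){
					$errorMsg = "Error during billing. Please contact the support. - 5";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				if(!$order_number){
					$errorMsg = "Error during billing. Please contact the support. - 6";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				if(!$x_first_name) {
					$errorMsg = "Error during billing. Please contact the support. - 7";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				// x_last_name is optional: its check (error 8) is disabled.

				$x_full_name = $x_first_name." ".$x_last_name;

				if(!$x_email){
					$errorMsg = "Error during billing. Please contact the support. - 9";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				if(!$x_phone){
					$errorMsg = "Error during billing. Please contact the support. - 10";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				if(!$x_amount){
					$errorMsg = "Error during billing. Please contact the support. - 11";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}

				// NOTE(review): nothing in this file checks that $order_number has not
				// been processed before, or that $x_amount matches the deposit started
				// under action "1". Presumably confirm_deposit() covers both; verify,
				// since a repeated valid notification would otherwise credit twice.
				if(!log_($userName,"deposit_ok",$x_amount)){
					$errorMsg = "Error during billing. Please contact the support. - 13";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				// NOTE(review): a blocked reseller is re-activated here, before
				// confirm_deposit() and set_amount() have succeeded.
				if (is_blocked($userName)) change_reseller_state($userName,"A");
				if(!confirm_deposit($x_amount)){
					$errorMsg = "Error during billing. Please contact the support. - 14";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				if(!set_amount($userName,"+",$x_amount)){
					$errorMsg = "Error during billing. Please contact the support. - 15";
					session_save(sid);
					header("Location: $errorURL");
					exit_now();
				}
				// Optional follow-up purchase of packets chosen before the deposit.
				if($packets_to_buy){
					$k=calculate_packets_price($packets_to_buy);
					// NOTE(review): packets are added only when the first price call
					// returns <= 0; its meaning is defined elsewhere -- confirm.
					if($k<=0){
						if(!add_packet($userName,$packets_to_buy)){
							$errorMsg = "Error during billing. Please contact the support. - 16";
							$wizard_packet = "";
							session_save(sid);
							header("Location: $errorURL");
							exit_now();
						}
						$amount=calculate_packets_price($packets_to_buy,'1');
						if(!set_amount($userName,"-",$amount)){
							// Failed debit is silently ignored; the original intent was to
							// mail support here.
						}
					}
					$statusMsg = "DEPOSIT OK !";
					$packets_to_buy="";
					session_save(sid);
					$params['sid'] = $sid;
					$params['action'] = "";
					$statusURL  = "$baseURL/?".encode_params($params);
					header("Location: $statusURL");
					exit_now();
				}

				// NOTE(review): the status message is taken from the request; it must
				// be HTML-escaped wherever it is displayed unless validate() already
				// does that -- confirm.
				if($x_response_reason_text) $statusMsg = $x_response_reason_text;
				else $statusMsg = "DEPOSIT OK !";
				session_save(sid);
				$params['sid'] = $sid;
				$params['action'] = "";
				$statusURL  = "$baseURL/?".encode_params($params);
				header("Location: $statusURL");

				exit_now();

			break;
			default:
				echo "error 00-xxx-63846842899234";
				exit();
			break;
		}
	}
}
exit_now();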

?>

